Skip to content

Commit

Permalink
Merge branch 'fix/82-auth-with-context-key' into feature/veridajs4
Browse files Browse the repository at this point in the history
  • Loading branch information
Chris committed Jun 19, 2024
2 parents 17de748 + 2b0c0fe commit 78037ef
Showing 1 changed file with 12 additions and 6 deletions.
18 changes: 12 additions & 6 deletions src/components/authManager.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,10 +82,10 @@ class AuthManager {
}

const consentMessage = `Authenticate this application context: "${contextName}"?\n\n${did}\n${decodedJwt.authRequestId}`
return this.verifySignedConsentMessage(did, signature, consentMessage)
return this.verifySignedConsentMessage(did, signature, consentMessage, contextName)
}

async verifySignedConsentMessage(did, signature, consentMessage) {
async verifySignedConsentMessage(did, signature, consentMessage, contextName) {
// Verify the signature signed the correct string
try {
const didDocument = await this.getDidDocument(did)
Expand All @@ -94,11 +94,17 @@ class AuthManager {
return false
}

const result = didDocument.verifySig(consentMessage, signature)
// Check signature sourced from context key
const result = didDocument.verifyContextSignature(consentMessage, contextName, signature)

if (!result) {
console.info('Invalid signature when verifying signed consent message')
return false
// Check singature sourced from master DID key
const result2 = didDocument.verifySig(consentMessage, signature)

if (!result2) {
console.info('Invalid signature when verifying signed consent message')
return false
}
}

return true
Expand Down Expand Up @@ -302,7 +308,7 @@ class AuthManager {
async invalidateDeviceId(did, contextName, deviceId, signature) {
did = did.toLowerCase()
const consentMessage = `Invalidate device for this application context: "${contextName}"?\n\n${did}\n${deviceId}`
const validSignature = await this.verifySignedConsentMessage(did, signature, consentMessage)
const validSignature = await this.verifySignedConsentMessage(did, signature, consentMessage, contextName)

if (!validSignature) {
return false
Expand Down

0 comments on commit 78037ef

Please sign in to comment.